How to Filter Spammy Words and Stop Notifications Sending When Using Gravity Forms

I was editing the contact form on one of my client’s sites today, and was horrified to see the amount of spammy messages coming through their Gravity Forms contact form.

Emails like this:

Or if they’re more clever, they’ll send it from a European female name … as this generates a higher response rate!

Nearly all of this contact form spam is sent from temporary Gmail accounts that will soon be shut down when they get too many spam complaints.

Yes, there is a CAPTCHA on the form, but these messages are submitted by real people, so they fill in the CAPTCHA. There is a strong theme to the messages – nearly all selling cheap SEO and outsourcing services.

Since they have some very common keywords in the messages, such as “outsource”, “SEO” or “Dear Sir/Madam”, I decided to apply a filter to the notifications, so that if the message has one of those spammy keywords in it, then the Gravity Forms notification won’t send to my client.

Unfortunately after a fair bit of time searching, I found that there was no Gravity Forms plugin available to do what I was wanting.

Time for a custom solution.

I found this post from Chris Moore, which provides code that throws a validation error on the forms if someone tries to submit with the spammy keywords.

That was a good start, but since the keyword filter is rather simple, I didn’t want the end user to see that their form hadn’t been submitted. Because they could easily modify the words they think are the cause of the problem and then get it through.

So instead my aim was to have the form seemingly submit successfully, but actually no notification would get sent to the company owner.

So basing my code off what Chris provided here is what I did:

How To Filter For Keywords and Stop Notifications Being Sent with Gravity Forms

Add a hidden field to my form, called “Passed keyword spam check?” Give it a default value of “YES”

Edited the notification email to have conditional logic – it will only send if the “Passed keyword spam check?” field has a value of “YES”.

Now I added this code, modified from Chris’ code, which checks the fields against the range of keywords, and if it finds any of those words, it changes this “Passed keyword spam check” field to “NO”.So the user thinks the form has been submitted successfully, but the notification is not sent. The entry is still stored in the database, but that doesn’t concern me as my clients only deal with the enquiries they receive by email notification.Before we get to the code, there are a couple of points to note about this code. Firstly, as with all custom functions, it should be placed in your functions.php file in your child theme, or in a custom functions plugin.Secondly, there are three things you need to set in the code. These are highlighted in the code as Step 1, Step 2 and Step 3.

Set the form ID you want this to apply to. gform_pre_submission_1 means form ID 1. gform_pre_submission_2 means form ID 2, etc.

Choose the keywords you want to block. The example code comes with the words I have chosen to block.

Finally you need to set the ID of your “Passed keyword spam check” field.
The code defaults to field #7 – on this line:$_POST['input_7'] = "No";
You can see in the screenshot above that my “Passed keyword spam check” field is Field ID 7. Enter the correct field ID for your form.

About Josh Moore

I run an online marketing agency and we build sites in Wordpress. While the developers on my team do the real development work, I enjoy solving problems and documenting things I discover which will hopefully help others.